[CRITICAL] CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability

PKSA-7ybs-j1bv-y5mc CVE-2025-54418 GHSA-9952-gv64-x94c

Affected version: <4.6.2

Reported by:
GitHub

[MEDIUM] Missing validation of header name and value in codeigniter4/framework

PKSA-qbjf-dc24-wrff CVE-2025-24013 GHSA-x5mq-jjr3-vmx6

Affected version: <4.5.8

Reported by:
GitHub